@kuratchi/js 0.0.17 → 0.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (6) hide show
  1. package/dist/compiler/index.js +3 -1
  2. package/dist/compiler/worker-output-pipeline.d.ts +1 -0
  3. package/dist/compiler/worker-output-pipeline.js +8 -0
  4. package/dist/create.js +1 -1
  5. package/dist/runtime/security.js +15 -1
  6. package/package.json +1 -1
package/dist/compiler/index.js CHANGED
@@ -18,7 +18,7 @@ import { prepareRootLayoutSource } from './root-layout-pipeline.js';
18
18
  import { generateRoutesModule as generateRoutesModulePipeline } from './routes-module-pipeline.js';
19
19
  import { assembleRouteState } from './route-state-pipeline.js';
20
20
  import { createServerModuleCompiler } from './server-module-pipeline.js';
21
- import { buildWorkerEntrypointSource, resolveRuntimeImportPath as resolveRuntimeImportPathPipeline, } from './worker-output-pipeline.js';
21
+ import { buildCompatEntrypointSource, buildWorkerEntrypointSource, resolveRuntimeImportPath as resolveRuntimeImportPathPipeline, } from './worker-output-pipeline.js';
22
22
  import { syncWranglerConfig as syncWranglerConfigPipeline } from './wrangler-sync.js';
23
23
  import { filePathToPattern } from '../runtime/router.js';
24
24
  import * as fs from 'node:fs';
@@ -294,6 +294,7 @@ export async function compile(options) {
294
294
  fs.mkdirSync(outDir, { recursive: true });
295
295
  }
296
296
  writeIfChanged(outFile, output);
297
+ writeIfChanged(path.join(outDir, 'routes.js'), buildCompatEntrypointSource('./routes.ts'));
297
298
  // Generate .kuratchi/worker.ts — the stable wrangler entry point.
298
299
  // routes.ts already exports the default fetch handler and all named DO classes;
299
300
  // worker.ts explicitly re-exports them so wrangler.jsonc can reference a
@@ -305,6 +306,7 @@ export async function compile(options) {
305
306
  doClassNames: doConfig.map((entry) => entry.className),
306
307
  workerClassEntries: [...agentConfig, ...containerConfig, ...workflowConfig],
307
308
  }));
309
+ writeIfChanged(path.join(outDir, 'worker.js'), buildCompatEntrypointSource('./worker.ts'));
308
310
  // Auto-sync wrangler.jsonc with workflow/container/DO config from kuratchi.config.ts
309
311
  syncWranglerConfigPipeline({
310
312
  projectDir,
package/dist/compiler/worker-output-pipeline.d.ts CHANGED
@@ -11,3 +11,4 @@ export declare function buildWorkerEntrypointSource(opts: {
11
11
  doClassNames: string[];
12
12
  workerClassEntries: WorkerClassExportEntry[];
13
13
  }): string;
14
+ export declare function buildCompatEntrypointSource(targetFile: string): string;
package/dist/compiler/worker-output-pipeline.js CHANGED
@@ -35,3 +35,11 @@ export function buildWorkerEntrypointSource(opts) {
35
35
  '',
36
36
  ].join('\n');
37
37
  }
38
+ export function buildCompatEntrypointSource(targetFile) {
39
+ return [
40
+ '// Auto-generated by kuratchi — do not edit.',
41
+ `export { default } from '${targetFile}';`,
42
+ `export * from '${targetFile}';`,
43
+ '',
44
+ ].join('\n');
45
+ }
package/dist/create.js CHANGED
@@ -278,7 +278,7 @@ function genPackageJson(opts) {
278
278
  function genWrangler(opts) {
279
279
  const config = {
280
280
  name: opts.name,
281
- main: '.kuratchi/worker.js',
281
+ main: '.kuratchi/worker.ts',
282
282
  compatibility_date: new Date().toISOString().split('T')[0],
283
283
  compatibility_flags: ['nodejs_compat'],
284
284
  };
package/dist/runtime/security.js CHANGED
@@ -32,6 +32,7 @@ export function initCsrf(request, cookieName = CSRF_COOKIE_NAME) {
32
32
  }
33
33
  __setLocal('__csrfToken', token);
34
34
  __setLocal('__csrfCookieName', cookieName);
35
+ __setLocal('__csrfCookieSecure', shouldUseSecureCookie(request));
35
36
  return token;
36
37
  }
37
38
  /**
@@ -94,9 +95,10 @@ export function getCsrfCookieHeader() {
94
95
  }
95
96
  const token = locals.__csrfToken;
96
97
  const cookieName = locals.__csrfCookieName || CSRF_COOKIE_NAME;
98
+ const secure = locals.__csrfCookieSecure ? '; Secure' : '';
97
99
  // SameSite=Lax allows the cookie to be sent on top-level navigations
98
100
  // HttpOnly=false so client JS can read it for fetch requests
99
- return `${cookieName}=${token}; Path=/; SameSite=Lax; Secure`;
101
+ return `${cookieName}=${token}; Path=/; SameSite=Lax${secure}`;
100
102
  }
101
103
  // ── RPC Security ───────────────────────────────────────────────────
102
104
  const RPC_NONCE_LENGTH = 16;
@@ -191,6 +193,18 @@ function parseCookies(header) {
191
193
  }
192
194
  return map;
193
195
  }
196
+ function shouldUseSecureCookie(request) {
197
+ const forwardedProto = request.headers.get('x-forwarded-proto');
198
+ if (forwardedProto) {
199
+ return forwardedProto.split(',')[0].trim().toLowerCase() === 'https';
200
+ }
201
+ try {
202
+ return new URL(request.url).protocol === 'https:';
203
+ }
204
+ catch {
205
+ return false;
206
+ }
207
+ }
194
208
  function isSameOrigin(request, url) {
195
209
  const fetchSite = request.headers.get('sec-fetch-site');
196
210
  if (fetchSite && fetchSite !== 'same-origin' && fetchSite !== 'same-site' && fetchSite !== 'none') {
package/package.json CHANGED
@@ -1,6 +1,6 @@
1
1
  {
2
2
  "name": "@kuratchi/js",
3
- "version": "0.0.17",
3
+ "version": "0.0.18",
4
4
  "description": "A thin, Cloudflare Workers-native web framework with Svelte-inspired syntax",
5
5
  "license": "MIT",
6
6
  "type": "module",